Aren't you a true master hacker trying (and failing) to DDoS sites and posting XSS vulnerabilities on random sites to FD.
2012/12/22 tig3rhack <[email protected]> > Onion Bazaar is an online auction site, exploits are filled in by those > who want to sell them, for hacktalk exploiting my dick. > > Ooops your site is down ho ho ho > > stupid idiot > > Il 21.12.2012 14:49 Luis Santana ha scritto: > > Semen samples are just how we pay the bills, don't hold that against > > us. Do you know how much you can get for over 9000 gallons of semen? > > You can get a lot, a _whole_ lot. > > > > Anyway, I wasn't saying that the "Onion Bazaar" site was shit, simply > > that the OP said it was a place to buy/sell exploits and yet not a > > single exploit was available for sale; was a bit of the bait & > > switch. > > > > <3 Benji, stop being so upset; you just survived the end of the world > > man! > > > > On Dec 21, 2012, at 9:46 AM, Benji <[email protected]> wrote: > > > >> Not your website. The website you were somehow accusing of being > >> shit based on it's lack of interesting information when obviously > >> hacktalk is a plethora of information, expertise and semen samples. > >> > >> On Fri, Dec 21, 2012 at 2:44 PM, Luis Santana > >> <[email protected]> wrote: > >> > >>> Lulz? Sorry bro but uh, the main page runs SMF not WeBid so I'm not > >>> really too sure where you pulled that from. Good job though, maybe > >>> santa will give you some of his cookies for your effort. > >>> > >>> On Dec 21, 2012, at 5:26 AM, Benji <[email protected]> wrote: > >>> > >>>> Also genius, I know you're quick to kick things down because you > >>>> are inept. However, I'd say after my whole 10 minute review of that > >>>> code and a simple check with PHP that, that site is vulnerable to > >>>> SQLi and by the look of it. > >>>> > >>>> If we take a look at latest WeBid code, specifically > >>>> selleremails.php, we see them doing an array_merge from $_POST to > >>>> $user>user_data (user_data being a trusted array it would appear). > >>>> > >>>> include 'includes/common.inc.php'; > >>>> > >>>> if (!$user->is_logged_in()) > >>>> { > >>>> $_SESSION['REDIRECT_AFTER_LOGIN'] = 'selleremails.php'; > >>>> header('location: user_login.php'); > >>>> exit; > >>>> } > >>>> > >>>> // Create new list > >>>> if (isset($_POST['action']) && $_POST['action'] == 'update') > >>>> { > >>>> $query = "UPDATE " . $DBPrefix . "users SET endemailmode = '" . > >>>> $system->cleanvars($_POST['endemailmod']) . "', > >>>> startemailmode = '" . $system->cleanvars($_POST['startemailmod']) > >>>> . "', > >>>> emailtype = '" . $system->cleanvars($_POST['emailtype']) . "' > >>>> WHERE id = " . $user->user_data['id']; > >>>> $system->check_mysql(mysql_query($query), $query, __LINE__, > >>>> __FILE__); > >>>> $ERR = $MSG['25_0192']; > >>>> $user->user_data = array_merge($user->user_data, $_POST); //update > >>>> the array > >>>> } > >>>> > >>>> After staying up all night and working through this code, I came > >>>> up with this test case: > >>>> > >>>> <?php > >>>> $array1 = array("color" => "red"); > >>>> $array2 = array("color" => "test"); > >>>> $result = array_merge($array1, $array2); > >>>> print_r($result); > >>>> ?> > >>>> Array > >>>> ( > >>>> [color] => test > >>>> ) > >>>> > >>>> So as we can overwrite any array value, we have SQLi across the > >>>> application. Maybe a first 0day for hacktalk.net [5]? > >>>> > >>>> I will take your 'hella l33t', print it out, and then shit on it. > >>>> > >>>> Suck my dick. > >>>> > >>>> On Fri, Dec 21, 2012 at 10:12 AM, Benji <[email protected]> wrote: > >>>> > >>>>> You say "n00bz" welcome, where is my assistance and the warm > >>>>> atmosphere to embrace me into the world of script kiddy-ism? Oh, > >>>>> and the obvious literary genius. > >>>>> > >>>>> On Fri, Dec 21, 2012 at 8:25 AM, Luis Santana > >>>>> <[email protected]> wrote: > >>>>> > >>>>>> Hella l33t bro, you can read an email address. Much propz > >>>>>> > >>>>>> On Dec 21, 2012, at 3:22 AM, Benji <[email protected]> wrote: > >>>>>> > >>>>>>> in other news, have you heard of the super cool site > >>>>>>> hacktalk.net [5] where they almost have 1000 members? > >>>>>>> > >>>>>>> On Thu, Dec 20, 2012 at 3:13 PM, Luis Santana > >>>>>>> <[email protected]> wrote: > >>>>>>> > >>>>>>>> Not a single fucking exploit on the entire site. gg sir, gg > >>>>>>>> > >>>>>>>> On Dec 10, 2012, at 2:17 PM, [email protected] wrote: > >>>>>>>> > >>>>>>>> > In Deep Web has created a new online site a few days ago > >>>>>>>> that allows you > >>>>>>>> > to sell even exploits, malware, etc. etc.. > >>>>>>>> > The site works like Ebay so everything is auctioned. > >>>>>>>> > > >>>>>>>> > you can get from tor: http://qatuopo4wmzkirlo.onion [1] > >>>>>>>> > > >>>>>>>> > Or by proxy (tor2web): https://qatuopo4wmzkirlo.tor2web.org > >>>>>>>> [2] > >>>>>>>> > > >>>>>>>> > _______________________________________________ > >>>>>>>> > Full-Disclosure - We believe in it. > >>>>>>>> > Charter: > >>>>>>>> http://lists.grok.org.uk/full-disclosure-charter.html [3] > >>>>>>>> > Hosted and sponsored by Secunia - http://secunia.com/ [4] > >>>>>>>> > >>>>>>>> _______________________________________________ > >>>>>>>> Full-Disclosure - We believe in it. > >>>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >>>>>>>> [3] > >>>>>>>> Hosted and sponsored by Secunia - http://secunia.com/ [4] > > > > > > > > Links: > > ------ > > [1] http://qatuopo4wmzkirlo.onion/ > > [2] https://qatuopo4wmzkirlo.tor2web.org/ > > [3] http://lists.grok.org.uk/full-disclosure-charter.html > > [4] http://secunia.com/ > > [5] http://hacktalk.net/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
